head 1.1;
branch 1.1.1;
access;
symbols
netbsd-11-0-RC5:1.1.1.1
netbsd-11-0-RC4:1.1.1.1
netbsd-11-0-RC3:1.1.1.1
netbsd-11-0-RC2:1.1.1.1
netbsd-11-0-RC1:1.1.1.1
OPENLDAP2_6_10:1.1.1.2
perseant-exfatfs-base-20250801:1.1.1.1
netbsd-11:1.1.1.1.0.6
netbsd-11-base:1.1.1.1
netbsd-10-1-RELEASE:1.1.1.1
perseant-exfatfs-base-20240630:1.1.1.1
perseant-exfatfs:1.1.1.1.0.4
perseant-exfatfs-base:1.1.1.1
netbsd-10-0-RELEASE:1.1.1.1
netbsd-10-0-RC6:1.1.1.1
netbsd-10-0-RC5:1.1.1.1
netbsd-10-0-RC4:1.1.1.1
netbsd-10-0-RC3:1.1.1.1
netbsd-10-0-RC2:1.1.1.1
netbsd-10-0-RC1:1.1.1.1
netbsd-10:1.1.1.1.0.2
netbsd-10-base:1.1.1.1
OPENLDAP2_5_6:1.1.1.1
OPENLDAP:1.1.1;
locks; strict;
comment @# @;
1.1
date 2021.08.14.16.05.12; author christos; state Exp;
branches
1.1.1.1;
next ;
commitid KGC86c2DM9XNjX4D;
1.1.1.1
date 2021.08.14.16.05.12; author christos; state Exp;
branches;
next 1.1.1.2;
commitid KGC86c2DM9XNjX4D;
1.1.1.2
date 2025.09.05.21.09.34; author christos; state Exp;
branches;
next ;
commitid fYrnJMLV6F5flz9G;
desc
@@
1.1
log
@Initial revision
@
text
@#! /bin/sh
# $OpenLDAP$
## This work is part of OpenLDAP Software .
##
## Copyright 1998-2021 The OpenLDAP Foundation.
## All rights reserved.
##
## Redistribution and use in source and binary forms, with or without
## modification, are permitted only as authorized by the OpenLDAP
## Public License.
##
## A copy of this license is available in the file LICENSE in the
## top-level directory of the distribution or, alternatively, at
## .
echo "running defines.sh"
. $SRCDIR/scripts/defines.sh
echo ""
if test $BACKASYNCMETA = asyncmetano ; then
echo "asyncmeta backend not available, test skipped"
exit 0
fi
if test $BACKLDAP = ldapno ; then
echo "ldap backend not available, test skipped"
exit 0
fi
rm -rf $TESTDIR
mkdir -p $TESTDIR $DBDIR1 $DBDIR2
echo "Starting slapd on TCP/IP port $PORT1..."
. $CONFFILTER $BACKEND < $METACONF1 > $CONF1
$SLAPD -f $CONF1 -h $URI1 -d $LVL > $LOG1 2>&1 &
PID=$!
if test $WAIT != 0 ; then
echo PID $PID
read foo
fi
KILLPIDS="$PID"
sleep 1
echo "Using ldapsearch to check that slapd is running..."
for i in 0 1 2 3 4 5; do
$LDAPSEARCH -s base -b "$MONITOR" -H $URI1 \
'objectclass=*' > /dev/null 2>&1
RC=$?
if test $RC = 0 ; then
break
fi
echo "Waiting 5 seconds for slapd to start..."
sleep 5
done
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Using ldapadd to populate the database..."
$LDAPADD -D "$MANAGERDN" -H $URI1 -w $PASSWD < \
$LDIFORDERED > $TESTOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapadd failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Starting slapd on TCP/IP port $PORT2..."
. $CONFFILTER $BACKEND < $METACONF2 > $CONF2
$SLAPD -f $CONF2 -h $URI2 -d $LVL > $LOG2 2>&1 &
PID=$!
if test $WAIT != 0 ; then
echo PID $PID
read foo
fi
KILLPIDS="$KILLPIDS $PID"
sleep 1
echo "Using ldapsearch to check that slapd is running..."
for i in 0 1 2 3 4 5; do
$LDAPSEARCH -s base -b "$MONITOR" -H $URI2 \
'objectclass=*' > /dev/null 2>&1
RC=$?
if test $RC = 0 ; then
break
fi
echo "Waiting 5 seconds for slapd to start..."
sleep 5
done
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Using ldapadd to populate the database..."
$LDAPADD -D "$METAMANAGERDN" -H $URI2 -w $PASSWD < \
$LDIFMETA >> $TESTOUT 2>&1
RC=$?
if test $RC != 0 ; then
echo "ldapadd failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
echo "Starting slapd on TCP/IP port $PORT3..."
. $CONFFILTER $BACKEND < $ASYNCMETACONF > $CONF3
$SLAPD -f $CONF3 -h $URI3 -d $LVL > $LOG3 2>&1 &
PID=$!
if test $WAIT != 0 ; then
echo PID $PID
read foo
fi
KILLPIDS="$KILLPIDS $PID"
sleep 1
echo "Using ldapsearch to check that slapd is running..."
for i in 0 1 2 3 4 5; do
$LDAPSEARCH -s base -b "$MONITOR" -H $URI3 \
'objectclass=*' > /dev/null 2>&1
RC=$?
if test $RC = 0 ; then
break
fi
echo "Waiting 5 seconds for slapd to start..."
sleep 5
done
if test $RC != 0 ; then
echo "ldapsearch failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
fi
cat /dev/null > $SEARCHOUT
BASEDN="o=Example,c=US"
echo "Searching base=\"$BASEDN\"..."
echo "# searching base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -S "" -H $URI3 -b "$BASEDN" >> $SEARCHOUT 2>&1
RC=$?
#if test $RC != 0 ; then
# echo "Search failed ($RC)!"
# test $KILLSERVERS != no && kill -HUP $KILLPIDS
# exit $RC
#fi
case $RC in
0)
;;
51)
echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 0
;;
*)
echo "Search failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
# ITS#4195: spurious matchedDN when the search scopes the main target,
# and the searchBase is not present, so that target returns noSuchObject
BASEDN="ou=Meta,o=Example,c=US"
echo "Searching base=\"$BASEDN\"..."
echo "# searching base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -S "" -H $URI3 -b "$BASEDN" >> $SEARCHOUT 2>&1
RC=$?
#if test $RC != 0 ; then
# echo "Search failed ($RC)!"
# test $KILLSERVERS != no && kill -HUP $KILLPIDS
# exit $RC
#fi
case $RC in
0)
;;
51)
echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 0
;;
*)
echo "Search failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
#
# Do some modifications
#
BASEDN="o=Example,c=US"
echo "Modifying database \"$BASEDN\"..."
$LDAPMODIFY -v -D "cn=Manager,$BASEDN" -H $URI3 -w $PASSWD \
-M >> $TESTOUT 2>&1 << EOMODS
# These operations (updates with objectClass mapping) triggered ITS#3499
dn: cn=Added Group,ou=Groups,$BASEDN
changetype: add
objectClass: groupOfNames
objectClass: uidObject
cn: Added Group
member: cn=Added Group,ou=Groups,$BASEDN
uid: added
dn: cn=Another Added Group,ou=Groups,$BASEDN
changetype: add
objectClass: groupOfNames
cn: Another Added Group
member: cn=Added Group,ou=Groups,$BASEDN
member: cn=Another Added Group,ou=Groups,$BASEDN
dn: cn=Another Added Group,ou=Groups,$BASEDN
changetype: modify
add: objectClass
objectClass: uidObject
-
add: uid
uid: added
-
dn: cn=Added Group,ou=Groups,$BASEDN
changetype: modify
delete: objectClass
objectClass: uidObject
-
delete: uid
-
dn: ou=Meta,$BASEDN
changetype: modify
add: description
description: added to "ou=Meta,$BASEDN"
-
dn: ou=Who's going to handle this?,$BASEDN
changetype: add
objectClass: organizationalUnit
ou: Who's going to handle this?
description: added
description: will be deleted
dn: ou=Same as above,$BASEDN
changetype: add
objectClass: organizationalUnit
ou: Same as above
description: added right after "Who's going to handle this?"
description: will be preserved
dn: ou=Who's going to handle this?,$BASEDN
changetype: delete
dn: ou=Who's going to handle this?,ou=Meta,$BASEDN
changetype: add
objectClass: organizationalUnit
ou: Who's going to handle this?
description: added
description: will be deleted
dn: ou=Same as above,ou=Meta,$BASEDN
changetype: add
objectClass: organizationalUnit
ou: Same as above
description: added right after "Who's going to handle this?"
description: will be preserved
dn: cn=Added User,ou=Same as above,ou=Meta,$BASEDN
changetype: add
objectClass: inetOrgPerson
cn: Added User
sn: User
userPassword: secret
dn: ou=Who's going to handle this?,ou=Meta,$BASEDN
changetype: delete
EOMODS
RC=$?
#if test $RC != 0 ; then
# echo "Modify failed ($RC)!"
# test $KILLSERVERS != no && kill -HUP $KILLPIDS
# exit $RC
#fi
case $RC in
0)
;;
51)
echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 0
;;
*)
echo "Modify failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
echo "Searching base=\"$BASEDN\"..."
echo "# searching base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -S "" -H $URI3 -b "$BASEDN" >> $SEARCHOUT 2>&1
RC=$?
#if test $RC != 0 ; then
# echo "Search failed ($RC)!"
# test $KILLSERVERS != no && kill -HUP $KILLPIDS
# exit $RC
#fi
case $RC in
0)
;;
51)
echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 0
;;
*)
echo "Search failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
BASEDN="o=Example,c=US"
echo " base=\"$BASEDN\"..."
echo "# base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -S "" -H $URI3 -b "$BASEDN" -M "$FILTER" '*' ref \
>> $SEARCHOUT 2>&1
RC=$?
#if test $RC != 0 ; then
# echo "Search failed ($RC)!"
# test $KILLSERVERS != no && kill -HUP $KILLPIDS
# exit $RC
#fi
case $RC in
0)
;;
51)
echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 0
;;
*)
echo "Search failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
BASEDN="o=Example,c=US"
FILTER="(seeAlso=cn=all staff,ou=Groups,$BASEDN)"
echo "Searching filter=\"$FILTER\""
echo " attrs=\"seeAlso\""
echo " base=\"$BASEDN\"..."
echo "# searching filter=\"$FILTER\"" >> $SEARCHOUT
echo "# attrs=\"seeAlso\"" >> $SEARCHOUT
echo "# base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -S "" -H $URI3 -b "$BASEDN" "$FILTER" seeAlso \
>> $SEARCHOUT 2>&1
RC=$?
#if test $RC != 0 ; then
# echo "Search failed ($RC)!"
# test $KILLSERVERS != no && kill -HUP $KILLPIDS
# exit $RC
#fi
case $RC in
0)
;;
51)
echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 0
;;
*)
echo "Search failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
FILTER="(uid=example)"
echo "Searching filter=\"$FILTER\""
echo " attrs=\"uid\""
echo " base=\"$BASEDN\"..."
echo "# searching filter=\"$FILTER\"" >> $SEARCHOUT
echo "# attrs=\"uid\"" >> $SEARCHOUT
echo "# base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -S "" -H $URI3 -b "$BASEDN" "$FILTER" uid \
>> $SEARCHOUT 2>&1
RC=$?
#if test $RC != 0 ; then
# echo "Search failed ($RC)!"
# test $KILLSERVERS != no && kill -HUP $KILLPIDS
# exit $RC
#fi
case $RC in
0)
;;
51)
echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 0
;;
*)
echo "Search failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
FILTER="(member=cn=Another Added Group,ou=Groups,$BASEDN)"
echo "Searching filter=\"$FILTER\""
echo " attrs=\"member\""
echo " base=\"$BASEDN\"..."
echo "# searching filter=\"$FILTER\"" >> $SEARCHOUT
echo "# attrs=\"member\"" >> $SEARCHOUT
echo "# base=\"$BASEDN\"..." >> $SEARCHOUT
$LDAPSEARCH -S "" -H $URI3 -b "$BASEDN" "$FILTER" member \
>> $SEARCHOUT 2>&1
RC=$?
#if test $RC != 0 ; then
# echo "Search failed ($RC)!"
# test $KILLSERVERS != no && kill -HUP $KILLPIDS
# exit $RC
#fi
case $RC in
0)
;;
51)
echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 0
;;
*)
echo "Search failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
echo "Waiting 10 seconds for cached connections to timeout..."
sleep 10
echo "Searching with a timed out connection..."
echo "# searching filter=\"$FILTER\"" >> $SEARCHOUT
echo "# attrs=\"member\"" >> $SEARCHOUT
echo "# base=\"$BASEDN\"" >> $SEARCHOUT
echo "# with a timed out connection..." >> $SEARCHOUT
$LDAPSEARCH -S "" -H $URI3 -D "cn=Manager,$BASEDN" -w $PASSWD \
-b "$BASEDN" "$FILTER" member \
>> $SEARCHOUT 2>&1
RC=$?
#if test $RC != 0 ; then
# echo "Search failed ($RC)!"
# test $KILLSERVERS != no && kill -HUP $KILLPIDS
# exit $RC
#fi
case $RC in
0)
;;
51)
echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 0
;;
*)
echo "Search failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
# NOTE: cannot send to $SEARCHOUT because the returned entries
# are not predictable...
echo "Checking server-enforced size limit..."
echo "# Checking server-enforced size limit..." >> $SEARCHOUT
$LDAPSEARCH -S "" -H $URI3 \
-D "cn=Bjorn Jensen,ou=Information Technology Division,ou=People,$BASEDN" -w bjorn \
-b "$BASEDN" "(objectClass=*)" 1.1 \
>> $TESTOUT 2>&1
RC=$?
case $RC,$BACKEND in
4,* | 0,null)
;;
0,*)
echo "Search should have failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit -1
;;
*)
echo "Search failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
# NOTE: cannot send to $SEARCHOUT because the returned entries
# are not predictable...
echo "Checking client-requested size limit..."
echo "# Checking client-requested size limit..." >> $SEARCHOUT
$LDAPSEARCH -S "" -H $URI3 \
-D "cn=Bjorn Jensen,ou=Information Technology Division,ou=People,$BASEDN" -w bjorn \
-b "$BASEDN" -z 2 "(objectClass=*)" 1.1 \
>> $TESTOUT 2>&1
RC=$?
case $RC,$BACKEND in
4,* | 0,null)
;;
0,*)
echo "Search should have failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit -1
;;
*)
echo "Search failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
echo "Filtering ldapsearch results..."
$LDIFFILTER < $SEARCHOUT > $SEARCHFLT
echo "Filtering original ldif used to create database..."
$LDIFFILTER < $METAOUT > $LDIFFLT
echo "Comparing filter output..."
$CMP $SEARCHFLT $LDIFFLT > $CMPOUT
if test $? != 0 ; then
echo "comparison failed - meta search/modification didn't succeed"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit 1
fi
echo "Binding as newly added user to database \"$BASEDN\"..."
$LDAPWHOAMI -H $URI3 \
-D "cn=Added User,ou=Same as above,ou=Meta,$BASEDN" \
-w $PASSWD >> $TESTOUT 2>&1
RC=$?
#if test $RC != 0 ; then
# echo "WhoAmI failed ($RC)!"
# test $KILLSERVERS != no && kill -HUP $KILLPIDS
# exit $RC
#fi
case $RC in
0)
;;
51)
echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
;;
*)
echo "WhoAmI failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit $RC
;;
esac
echo "Binding with incorrect password to database \"$BASEDN\"..."
$LDAPWHOAMI -H $URI3 \
-D "cn=Added User,ou=Same as above,ou=Meta,$BASEDN" \
-w bogus >> $TESTOUT 2>&1
RC=$?
#if test $RC != 0 ; then
# echo "WhoAmI failed ($RC)!"
# test $KILLSERVERS != no && kill -HUP $KILLPIDS
# exit $RC
#fi
case $RC,$BACKEND in
0,null)
;;
0,*)
echo "WhoAmI should have failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit -1
;;
51,*)
echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
;;
*)
;;
esac
echo "Binding with non-existing user to database \"$BASEDN\"..."
$LDAPWHOAMI -H $URI3 \
-D "cn=Non-existing User,ou=Same as above,ou=Meta,$BASEDN" \
-w bogus >> $TESTOUT 2>&1
RC=$?
#if test $RC != 0 ; then
# echo "WhoAmI failed ($RC)!"
# test $KILLSERVERS != no && kill -HUP $KILLPIDS
# exit $RC
#fi
case $RC,$BACKEND in
0,null)
;;
0,*)
echo "WhoAmI should have failed ($RC)!"
test $KILLSERVERS != no && kill -HUP $KILLPIDS
exit -1
;;
51,*)
echo "### Hit LDAP_BUSY problem; you may want to re-run the test"
;;
*)
;;
esac
test $KILLSERVERS != no && kill -HUP $KILLPIDS
echo ">>>>> Test succeeded"
test $KILLSERVERS != no && wait
exit 0
@
1.1.1.1
log
@Import OpenLDAP 2.5.6:
OpenLDAP 2.5.6 Release (2021/07/27)
Fixed libldap buffer overflow (ITS#9578)
Fixed libldap missing mutex unlock on connection alloc failure (ITS#9590)
Fixed lloadd cn=config olcBkLloadClientMaxPending setting (ITS#8747)
Fixed slapd multiple config defaults (ITS#9363)
Fixed slapd ipv6 addresses to work with tcp wrappers (ITS#9603)
Fixed slapo-syncprov delete of nonexistent sessionlog (ITS#9608)
Build
Fixed library symbol versioning on Solaris (ITS#9591)
Fixed compile warning in libldap/tpool.c (ITS#9601)
Fixed compile wraning in libldap/tls_o.c (ITS#9602)
Contrib
Fixed ppm module for sysconfdir (ITS#7832)
Documentation
Updated guide to document multival, idlexp, and maxentrysize (ITS#9613, ITS#9614)
OpenLDAP 2.5.5 Release (2021/06/03)
Added libldap LDAP_OPT_TCP_USER_TIMEOUT support (ITS#9502)
Added lloadd tcp-user-timeout support (ITS#9502)
Added slapd-asyncmeta tcp-user-timeout support (ITS#9502)
Added slapd-ldap tcp-user-timeout support (ITS#9502)
Added slapd-meta tcp-user-timeout support (ITS#9502)
Fixed incorrect control OIDs for AuthZ Identity (ITS#9542)
Fixed libldap typo in util-int.c (ITS#9541)
Fixed libldap double free of LDAP_OPT_DEFBASE (ITS#9530)
Fixed libldap better TLS1.3 cipher suite handling (ITS#9521, ITS#9546)
Fixed lloadd multiple issues (ITS#8747)
Fixed slapd slap_op_time to avoid duplicates across restarts (ITS#9537)
Fixed slapd typo in daemon.c (ITS#9541)
Fixed slapd slapi compilation (ITS#9544)
Fixed slapd to handle empty DN in extended filters (ITS#9551)
Fixed slapd syncrepl searches with empty base (ITS#6467)
Fixed slapd syncrepl refresh on startup (ITS#9324, ITS#9534)
Fixed slapd abort due to typo (ITS#9561)
Fixed slapd-asyncmeta quarantine handling (ITS#8721)
Fixed slapd-asyncmeta to have a default operations timeout (ITS#9555)
Fixed slapd-ldap quarantine handling (ITS#8721)
Fixed slapd-mdb deletion of context entry (ITS#9531)
Fixed slapd-mdb off-by-one affecting search scope (ITS#9557)
Fixed slapd-meta quarantine handling (ITS#8721)
Fixed slapo-accesslog to record reqNewDN for modRDN ops (ITS#9552)
Fixed slapo-pcache locking during expiration (ITS#9529)
Build
Fixed slappw-argon2 module installation (ITS#9548)
Contrib
Update ldapc++/ldaptcl to use configure.ac (ITS#9554)
Documentation
ldap_first_attribute(3) - Document ldap_get_attribute_ber (ITS#8820)
ldap_modify(3) - Delete non-existent mod_next parameter (ITS#9559)
OpenLDAP 2.5.4 Release (2021/04/29)
Initial release for "general use".
OpenLDAP 2.4.59 Release (2021/06/03)
Fixed libldap TLSv1.3 cipher suites with OpenSSL 1.1.1 (ITS#9521)
Fixed libldap double free of LDAP_OPT_DEFBASE (ITS#9530)
Fixed slapd syncrepl handling of add+delete on single value attr (ITS#9295)
Fixed slapd-mdb cursor init check (ITS#9526)
Fixed slapd-mdb deletion of context entry (ITS#9531)
Fixed slapd-mdb off-by-one affecting search scope (ITS#9557)
Fixed slapo-pcache locking during expiration (ITS#9529)
Contrib
Fixed slapo-autogroup to not thrash thread context (ITS#9494)
Documentation
ldap_modify(3) - Delete non-existent mod_next parameter (ITS#9559)
OpenLDAP 2.4.58 Release (2021/03/16)
Fixed slapd validity checks for issuerAndThisUpdateCheck (ITS#9454)
Fixed slapd to alloc new conn struct after freeing old one (ITS#9458)
Fixed slapd syncrepl to check all contextCSNs (ITS#9282)
Fixed slapd-bdb lockdetect config (ITS#9449)
OpenLDAP 2.4.57 Release (2021/01/18)
Fixed ldapexop to use correct return code (ITS#9417)
Fixed slapd to remove asserts in UUIDNormalize (ITS#9391)
Fixed slapd to remove assert in csnValidate (ITS#9410)
Fixed slapd validity checks for issuerAndThisUpdateCheck (ITS#9411, ITS#9427)
Fixed slapd validity checks for serialNumberAndIssuerCheck (ITS#9404, ITS#9424)
Fixed slapd AVA sort with invalid RDN (ITS#9412)
Fixed slapd ldap_X509dn2bv to check for invalid BER after RDN count (ITS#9423, ITS#9425)
Fixed slapd saslauthz to remove asserts in validation (ITS#9406, ITS#9407)
Fixed slapd saslauthz to use slap_sl_free on normalized DN (ITS#9409)
Fixed slapd saslauthz SEGV in slap_parse_user (ITS#9413)
Fixed slapd modrdn memory leak (ITS#9420)
Fixed slapd double-free in vrfilter (ITS#9408)
Fixed slapd cancel operation to correctly terminate (ITS#9428)
Fixed slapd-ldap fix binds on retry with closed connection (ITS#9400)
Fixed slapo-syncprov to ignore duplicate sessionlog entries (ITS#9394)
OpenLDAP 2.4.56 Release (2020/11/10)
Fixed slapd to remove assert in certificateListValidate (ITS#9383)
Fixed slapd to remove assert in csnNormalize23 (ITS#9384)
Fixed slapd to better parse ldapi listener URIs (ITS#9379)
OpenLDAP 2.4.55 Release (2020/10/26)
Fixed slapd normalization handling with modrdn (ITS#9370)
Fixed slapd-meta to check ldap_install_tls return code (ITS#9366)
Contrib
Fixed nssov misplaced semicolon (ITS#8731, ITS#9368)
OpenLDAP 2.4.54 Release (2020/10/12)
Fixed slapd delta-syncrepl to ignore delete ops on deleted entry (ITS#9342)
Fixed slapd delta-syncrepl to be fully serialized (ITS#9330)
Fixed slapd delta-syncrepl MOD on zero-length context entry (ITS#9352)
Fixed slapd syncrepl to be fully serialized (ITS#8102)
Fixed slapd syncrepl to call check_syncprov on fresh consumer (ITS#9345)
Fixed slapd syncrepl to propagate errors from overlay_entry_get_ov (ITS#9355)
Fixed slapd syncrepl to not create empty ADD ops (ITS#9359)
Fixed slapd syncrepl replace usage on single valued attrs (ITS#9295)
Fixed slapd-monitor fix monitor_back_register_database for empty suffix DB (ITS#9353)
Fixed slapo-accesslog normalizer for reqStart (ITS#9358)
Fixed slapo-accesslog to not generate new contextCSN on purge (ITS#9361)
Fixed slapo-syncprov contextCSN generation with empty suffix (ITS#9015)
Fixed slapo-syncprov sessionlog to use a TAVL tree (ITS#8486)
OpenLDAP 2.4.53 Release (2020/09/07)
Added slapd syncrepl additional SYNC logging (ITS#9043)
Fixed slapd syncrepl segfault on NULL cookie on REFRESH (ITS#9282)
Fixed slapd syncrepl to use fresh connection on REFRESH fallback (ITS#9338)
Fixed slapo-ppolicy race condition for pwdFailureTime (ITS#9302,ITS#9334)
Build
Require OpenSSL 1.0.2 or later (ITS#9323)
Fixed libldap compilation issue with broken C compilers (ITS#9332)
OpenLDAP 2.4.52 Release (2020/08/28)
Added libldap LDAP_OPT_X_TLS_REQUIRE_SAN option (ITS#9318)
Added libldap OpenSSL support for multiple EECDH curves (ITS#9054)
Added slapd OpenSSL support for multiple EECDH curves (ITS#9054)
Fixed librewrite malloc/free corruption (ITS#9249)
Fixed libldap hang when using UDP and server down (ITS#9328)
Fixed slapd syncrepl rare deadlock due to network issues (ITS#9324)
Fixed slapd syncrepl regression that could trigger an assert (ITS#9329)
Fixed slapd-mdb index error with collapsed range (ITS#9135)
OpenLDAP 2.4.51 Release (2020/08/11)
Added slapo-ppolicy implement Netscape password policy controls (ITS#9279)
Fixed libldap retry loop in ldap_int_tls_connect (ITS#8650)
Fixed libldap to use getaddrinfo in ldap_pvt_get_fqdn (ITS#9287)
Fixed slapd to enforce singular existence of some overlays (ITS#9309)
Fixed slapd syncrepl to not delete non-replicated attrs (ITS#9227)
Fixed slapd syncrepl to correctly delete entries on resync (ITS#9282)
Fixed slapd syncrepl to use replace on single valued attrs (ITS#9294, ITS#9295)
Fixed slapd-perl dynamic config with threaded slapd (ITS#7573)
Fixed slapo-ppolicy to expose the ppolicy control (ITS#9285)
Fixed slapo-ppolicy race condition for pwdFailureTime (ITS#9302)
Fixed slapo-ppolicy so it can only exist once per DB (ITS#9309)
Fixed slapo-chain to check referral (ITS#9262)
Build Environment
Fix test064 so it no longer uses bashisms (ITS#9263)
Contrib
Fix default prefix value for pw-argon2, pw-pbkdf2 modules (ITS#9248)
slapo-allowed - Fix usage of uninitialized variable (ITS#9308)
Documentation
ldap_parse_result(3) - Document ldap_parse_intermediate (ITS#9271)
@
text
@@
1.1.1.2
log
@Import OpenLDAP 2.6.10 (previous was 2.5.6)
A.1. New Features and Enhancements in 2.6
A.1.1. New features in slapd
slapd now supports logging directly to a file, bypassing syslog.
A.1.2. New features in lloadd
lloadd now supports additional balancing mechansims
A.2. Obsolete Features Removed From 2.6
These features were strongly deprecated in 2.5 and removed in 2.6.
A.2.1. back-ndb
The experimental and incomplete back-ndb backend was removed.
See CHANGES for the complete list of bugfixes.
@
text
@d5 1
a5 1
## Copyright 1998-2024 The OpenLDAP Foundation.
d494 1
a494 1
exit 1
d518 1
a518 1
exit 1
d580 1
a580 1
exit 1
d605 1
a605 1
exit 1
@